[Bro] create team for update snort2bro script signature ?

rmkml rmkml at free.fr
Thu Nov 6 07:57:01 PST 2008


Hi,
Congratulations Bro Team for a new version 1.4 !
I expected than bro is not a snort rules parser, but its interesting porting snort rules directly to bro...
Im interested by update snort2bro signature, Im known snort rules, but I don't known how its implemented on bro script!
Anyone interested ?
First question: bro contains two script, one in perl and one in python,
  what is the "best" ?
Second question: function not supported:
1)byte_test() is not supported, but it is possible bro contains similar function ?
2)byte_jump() is not supported, but it is possible bro contains similar function ?
Regards
Rmkml
Crusoe-Researches.com



More information about the Bro mailing list